Analyzing security parameters of database management systems | Статья в журнале «Молодой ученый»

Отправьте статью сегодня! Журнал выйдет 28 декабря, печатный экземпляр отправим 1 января.

Опубликовать статью в журнале

Авторы: ,

Рубрика: Информационные технологии

Опубликовано в Молодой учёный №15 (305) апрель 2020 г.

Дата публикации: 10.04.2020

Статья просмотрена: 31 раз

Библиографическое описание:

Иргашева, Д. Я. Analyzing security parameters of database management systems / Д. Я. Иргашева, Д. Ж. Содикова. — Текст : непосредственный // Молодой ученый. — 2020. — № 15 (305). — С. 84-86. — URL: https://moluch.ru/archive/305/68696/ (дата обращения: 17.12.2024).



In this paper is given Security parameters and requirements of database management system. At the end of the paper is analyzed MSAccess, SQL Server and Oracle DBMS.

Keywords: DBMS, security, security model, comparing DBMS.

Evaluation of DBMS (database management systems) is an important point of information technologies. However, easier said than done, performance evaluation of database system is a non-trivial activity, made more complicated by the existence of different flavors of database systems fine-tuned for serving specific requirements. However, performance analysis tries to identify certain key aspects generally desired of all database systems and try to define benchmarks for them. In the rest of this survey, we shall provide a formal definition of database systems followed by few methods to categorize or classify database systems. This shall be followed by a look at the various performance evaluation techniques that are employed to benchmark database systems, some of the key benchmarking techniques used in practice in the industry and some open source benchmarking schemes available for use in the public domain [1].

A database security manager is the most important asset to maintaining and securing sensitive data within an organization. Database security managers are required to multitask and juggle a variety of headaches that accompany the maintenance of a secure database.

If you own a business, it is important to understand some of the database security problems that occur within an organization and how to avoid them. If you understand the how, where, and why of database security you can prevent future problems from occurring.

Having a perfectly fitting database management system (DBMS) is a key component for today’s business success. The DBMS manages the interaction between your applications and the underlying database. It assures that the correct data is available for the requested user group when needed. When choosing a DBMS from the variety of concepts and vendors, you should consider the following points before making a decision [2].

  1. Data Model. For a long time, the relational concept was dominant, however recently NoSQL databases have again become more successful.

Fig. 1. Security in database management system

  1. Data Consistency. Nowadays, collecting data is not a big effort anymore. But, keeping the data consistent becomes even more important as more sources feed into the database.
  2. Data Security. For most companies, data availability is a key business success factor and should always be guaranteed. The ability to backup and restore the databases is essential and needs to be possible with your chosen DBMS.
  3. Data Protection. Access protection and encryption should allow protection of personal data. Every DBMS provide different methods of protect the data through encryption, but the possibility to define routines and access rights is different for every system.
  4. Multi Access and Integration. Setting up a DBMS, running it and extending it for future growth, requires enough flexibility to allow integration into the given IT infrastructure.
  5. Efficiency backup. When we talk about the efficiency of DBMS, we usually mean the response time. You will find on premise and cloud solutions available on the market.
  6. Usability. Different user groups will be working with the DBMS. There are the administrators, IT and Database admins, application integrators and data consumers.
  7. Implementation and Service Costs. The modifiability and availability of support and documentation needs to be taken into consideration as part of the implementation and Total Cost of Ownership (TCO). Also, several measures to ensure database security are given below:

 Elimination of vulnerabilities—continually assess, identification and remediation of vulnerabilities that expose the database.

 Isolation of sensitive databases—maintainance an accurate inventory of all databases deployed across the enterprise and identification of all sensitive data residing on those databases.

 Enforcement of the least privileges—identification of user entitlements and enforcement of user access controls and privileges to limit access to only the minimum data required for employees to do their jobs.

 Auditing for deviations—implementation of appropriate policies and monitor any vulnerabilities that cannot be remediated for any activity the deviating from authorized activity.

 Response to the suspicious behavior—alert and response to any abnormal or suspicious behavior in real time to minimize risk of attack.

The main results of comparing DBMS (Access, SQL Server and Oracle) (table 1) are given here. The security level of DBMS is shown in following table and it is indicated that oracle is the best one among three DBMS.

Table 1

Main results of comparing DBMS

DBMS

Methods

MS Access

SQL Server

Oracle

Access

By user and group

By three command

By four command

Role

No

Server and Database Level

By set_role commands

Encryption

With password

TDE

TDE

Authentication

No

Windows and SQL Server authentication

Simple and proxy authentication

Grouping

Users group

Administrator, database owner and users group

Administrator, database owner and users group

Backup

Manual

Parallel (back up to 32 devices at once)

Parallel

Audit

No

By security log, application log and file

Audit vault

Fire-Wall

No

No

Three motion

Cloud

No

Amazon EC2

In version 12c

References:

  1. Sumathi S., Esakkirajan S. Fundamentals of relational database management systems. — Springer, 2007. — Т. 47.
  2. Singh S., Rai R. K. A Review Report on Security Threats on Database //International Journal of Computer Science and Information Technologies. — 2014. — Т. 5. — №. 3. — С. 3215–3219.
  3. https://www.testronix.com.ph/2018/01/30/8-key-considerations-choosing-dbms/
  4. https://blog.paessler.com/key-considerations-when-choosing-a-dbms
Основные термины (генерируются автоматически): DBMS, SQL, TDE, TCO.


Ключевые слова

security, DBMS, security model, comparing DBMS

Похожие статьи

Development of an ETL system for data loading into the Data Warehouse

This article describes the basic idea of developing an ETL system for loading data into the Data Warehouse. The main development tasks are presented, and the process of implementing the ETL system is described.

Strategies and methods for searching data in NoSQL DBMS

In this article, it will be shown how to use NoSQL databases to extract high-quality and low-cost solution for searching and to help understand what impacts on NoSQL system selection.

Hybrid recommender system based on Apache Spark

Through the analysis of the recommendation system, it is found that the traditional recommendation algorithm has some shortcomings, and the emergence of the hybrid recommendation algorithm effectively alleviates these problems.

Studying the tonality of text using machine learning methods

In this article, the authors compare machine learning algorithms in the task of analyzing text tonality

Analysis of Approaches to Implementing the Principle of TQM «Continuous Improvement» in Production Management

The paper analyzes the approaches to the study and development cycle PDCA, which is the basis of the principle of TQM «continuous improvement». The techniques «8D», QS-story as examples of approaches to continuous improvement of production processes...

Corporate Project Management System

The article deals with various interpretations of the concept of corporate project management system in the management system. The goals and objectives of the project management system are characterized. The main methodologies of the project manageme...

Application of innovative Building structures

This article analyzes and provides methods for solving problems associated with resource conservation during design. And also in the study, we attach great importance to the economic aspect of structures.

Information system for vectorization of raster images

In this work we discuss software for bitmap digitizing. The result is a vector image based on zig zag lines and polygons. We describe information system design phase and the user interface and give image processing results.

Analysis of reforms implemented for rational use of the labor force in the region

In this paper analyzed rational use of labor force on the bases of statistic data. As well as analyzed activities of labor and social security department of Kharezm region.

Using web-technologies for teaching foreign language and translation

The article examines various aspects of the application of modern means and methods of teaching in order to achieve the greatest effect of the educational process.

Похожие статьи

Development of an ETL system for data loading into the Data Warehouse

This article describes the basic idea of developing an ETL system for loading data into the Data Warehouse. The main development tasks are presented, and the process of implementing the ETL system is described.

Strategies and methods for searching data in NoSQL DBMS

In this article, it will be shown how to use NoSQL databases to extract high-quality and low-cost solution for searching and to help understand what impacts on NoSQL system selection.

Hybrid recommender system based on Apache Spark

Through the analysis of the recommendation system, it is found that the traditional recommendation algorithm has some shortcomings, and the emergence of the hybrid recommendation algorithm effectively alleviates these problems.

Studying the tonality of text using machine learning methods

In this article, the authors compare machine learning algorithms in the task of analyzing text tonality

Analysis of Approaches to Implementing the Principle of TQM «Continuous Improvement» in Production Management

The paper analyzes the approaches to the study and development cycle PDCA, which is the basis of the principle of TQM «continuous improvement». The techniques «8D», QS-story as examples of approaches to continuous improvement of production processes...

Corporate Project Management System

The article deals with various interpretations of the concept of corporate project management system in the management system. The goals and objectives of the project management system are characterized. The main methodologies of the project manageme...

Application of innovative Building structures

This article analyzes and provides methods for solving problems associated with resource conservation during design. And also in the study, we attach great importance to the economic aspect of structures.

Information system for vectorization of raster images

In this work we discuss software for bitmap digitizing. The result is a vector image based on zig zag lines and polygons. We describe information system design phase and the user interface and give image processing results.

Analysis of reforms implemented for rational use of the labor force in the region

In this paper analyzed rational use of labor force on the bases of statistic data. As well as analyzed activities of labor and social security department of Kharezm region.

Using web-technologies for teaching foreign language and translation

The article examines various aspects of the application of modern means and methods of teaching in order to achieve the greatest effect of the educational process.

Задать вопрос